barboni
commented
9 years ago @mikesparr did you make any progress on this? I'm currently facing the same issue.
Closed mikesparr closed 7 years ago
barboni
commented
9 years ago @mikesparr did you make any progress on this? I'm currently facing the same issue.
julien-sarazin
commented
9 years ago @barboni @mikesparr all auth informations are stored in req.signedCookies.
I'm currently working on it. I think i will try to put in the auth:after middleware something like:
req.accessToken = req.signedCookies.access_token
I'll try to keep you updated if it works fine with the built-in ACL.
julien-sarazin
commented
9 years ago Not woring ATM : https://github.com/strongloop/loopback/issues/1747
julien-sarazin
commented
9 years ago If you guys are still interested in a solution check the strongloop/loopback#1747. cheers
barboni
commented
9 years ago @julien-sarazin thanks a lot. I actually ended up re-implementing the component for our needs, but I'll definitely check out your solution.
jannyHou
commented
9 years ago thanks @everyone here! And thanks you @julien-sarazin for your workaround solution in https://github.com/strongloop/loopback/issues/1747#issuecomment-149874893
stale[bot]
commented
7 years ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Other LB apps leverage the
User.login()which returns anaccessTokenand also set in the request. This token is then used for subsequent requests to API, etc. In this example app since it uses Passport'sreq.login()it bypasses LB's built in accessToken to leverage the ACL and Roles (RBAC).What is the best way to incorporate Passport, but also include LB's built in user model and RBAC? Is there some remote hook after login with passport (local or social strategies) that we can then do additional logic?